Security Advisory

CVE-2022-21146

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-03-09 15:33:11

Last updated 2025-04-16 16:43:40

Assigner icscert

State PUBLISHED

Description

Persistent cross-site scripting in the web interface of ipDIO allows an unauthenticated remote attacker to introduce arbitrary JavaScript by injecting an XSS payload into a specific parameter. The XSS payload will be executed when a legitimate user attempts to review history.

← Browse all CVEs View on cve.org ↗